Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-10-14 04:19:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fixed Errors + Updated Files + Added Bacnet

Browse source
This commit is contained in:
UncleRaymondo 2018-03-09 23:20:52 +11:00
parent ddb1e61ae5
commit 15c163517f
10 changed files with 83 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
bin/clean.sh
View file

@ -65,11 +65,32 @@ logrotate -s $mySTATUS $myCONF
} }
# Let's create a function to clean up and prepare conpot data # Let's create a function to clean up and prepare conpot data
fuCONPOT () { fuCONPOT_DEFAULT () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot/*; fi if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_default/*; fi
mkdir -p /data/conpot/log mkdir -p /data/conpot_default/log
chmod 760 /data/conpot -R chmod 760 /data/conpot_default -R
chown tpot:tpot /data/conpot -R chown tpot:tpot /data/conpot_default -R
}
fuCONPOT_KAMSTRUP () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_kamstrup/*; fi
mkdir -p /data/conpot_kamstrup/log
chmod 760 /data/conpot_kamstrup -R
chown tpot:tpot /data/conpot_kamstrup -R
}
fuCONPOT_GUARDIANAST () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_guardianast/*; fi
mkdir -p /data/conpot_guardianast/log
chmod 760 /data/conpot_guardianast -R
chown tpot:tpot /data/conpot_guardianast -R
}
fuCONPOT_IEC104 () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_IEC104/*; fi
mkdir -p /data/conpot_IEC104/log
chmod 760 /data/conpot_IEC104 -R
chown tpot:tpot /data/conpot_IEC104 -R
} }
# Let's create a function to clean up and prepare cowrie data # Let's create a function to clean up and prepare cowrie data
@ -201,7 +222,10 @@ if [ "$myPERSISTENCE" = "on" ];
fuLOGROTATE fuLOGROTATE
else else
echo "Cleaning up and preparing data folders." echo "Cleaning up and preparing data folders."
fuCONPOT fuCONPOT_DEFAULT
fuCONPOT_KAMSTRUP
fuCONPOT_GUARDIANAST
fuCONPOT_IEC104
fuCOWRIE fuCOWRIE
fuDIONAEA fuDIONAEA
fuELASTICPOT fuELASTICPOT

2
docker/conpot_IEC104/docker-compose.yml
View file

@ -1,4 +1,4 @@
version: '2.1a' version: '2.1'
networks: networks:
conpot_IEC104_local: conpot_IEC104_local:

39
docker/conpot_default/dist/default/bacnet/bacnet.xml vendored Normal file
View file

@ -0,0 +1,39 @@
<bacnet enabled="True" host="0.0.0.0" port="47808">
<device_info>
<device_name>SystemName</device_name>
<device_identifier>36113</device_identifier>
<vendor_name>Alerton Technologies, Inc.</vendor_name>
<vendor_identifier>15</vendor_identifier>
<max_apdu_length_accepted>1024</max_apdu_length_accepted>
<segmentation_supported>segmentedBoth</segmentation_supported>
<model_name>VAV-DD Controller</model_name>
<protocol_version>1</protocol_version>
</device_info>
<object_list>
<object name="objectBinary">
<properties>
<object_identifier>12</object_identifier>
<object_name>BI 01</object_name>
<object_type>Binary Input</object_type>
</properties>
</object>
<object name="objectAnalog">
<properties>
<object_identifier>14</object_identifier>
<object_name>AI 01</object_name>
<object_type>Analog Input</object_type>
<present_value>68.0</present_value>
</properties>
</object>
<object name="objectDoor">
<properties>
<object_identifier>16</object_identifier>
<object_name>Door 01</object_name>
<object_type>Access Door</object_type>
<present_value>0</present_value>
<out_of_service>True</out_of_service>
<maintenance_required>2</maintenance_required>
</properties>
</object>
</object_list>
</bacnet>

2
docker/conpot_default/dist/default/template.xml vendored
View file

@ -4,7 +4,7 @@
<entity name="unit">S7-200</entity> <entity name="unit">S7-200</entity>
<entity name="vendor">Siemens</entity> <entity name="vendor">Siemens</entity>
<entity name="description">Rough simulation of a basic Siemens S7-200 CPU with 2 slaves</entity> <entity name="description">Rough simulation of a basic Siemens S7-200 CPU with 2 slaves</entity>
<entity name="protocols">HTTP, MODBUS, s7comm, SNMP</entity> <entity name="protocols">MODBUS, s7comm, SNMP, Bacnet</entity>
<entity name="creator">the conpot team</entity> <entity name="creator">the conpot team</entity>
</template> </template>
<databus> <databus>

3
docker/conpot_default/docker-compose.yml
View file

@ -1,4 +1,4 @@
version: '2.1a' version: '2.1'
networks: networks:
conpot_default_local: conpot_default_local:
@ -14,6 +14,7 @@ services:
ports: ports:
- "102:102" - "102:102"
- "502:502" - "502:502"
- "47808:47808"
- "161:161/udp" - "161:161/udp"
image: "dtagdevsec/conpot:1710" image: "dtagdevsec/conpot:1710"
volumes: volumes:

2
docker/conpot_guardianast/docker-compose.yml
View file

@ -1,4 +1,4 @@
version: '2.1a' version: '2.1'
networks: networks:
conpot_guardianast_local: conpot_guardianast_local:

2
docker/conpot_kamstrup/docker-compose.yml
View file

@ -1,4 +1,4 @@
version: '2.1a' version: '2.1'
networks: networks:
conpot_kamstrup_local: conpot_kamstrup_local:

5
etc/compose/all.yml
View file

@ -1,6 +1,6 @@
# T-Pot (Everything) # T-Pot (Everything)
# For docker-compose ... # For docker-compose ...
version: '2.2a' version: '2.2'
networks: networks:
conpot_kamstrup_local: conpot_kamstrup_local:
@ -43,7 +43,8 @@ services:
ports: ports:
- "102:102" - "102:102"
- "502:502" - "502:502"
- "161:161/udp - "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710" image: "dtagdevsec/conpot:1710"
volumes: volumes:
- /data/conpot_default_local/log:/var/log/conpot_default_local - /data/conpot_default_local/log:/var/log/conpot_default_local

5
etc/compose/industrial.yml
View file

@ -1,6 +1,6 @@
# T-Pot (Industrial) # T-Pot (Industrial)
# For docker-compose ... # For docker-compose ...
version: '2.2a' version: '2.2'
networks: networks:
conpot_kamstrup_local: conpot_kamstrup_local:
@ -36,7 +36,8 @@ services:
ports: ports:
- "102:102" - "102:102"
- "502:502" - "502:502"
- "161:161/udp - "47808:47808"
- "161:161/udp"
image: "dtagdevsec/conpot:1710" image: "dtagdevsec/conpot:1710"
volumes: volumes:
- /data/conpot_default_local/log:/var/log/conpot_default_local - /data/conpot_default_local/log:/var/log/conpot_default_local

4
host/etc/systemd/tpot.service
View file

@ -37,7 +37,7 @@ ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303
ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT
ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 102,502,2404,10001 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 102,502,2404,10001,47808 -j ACCEPT
ExecStartPre=/sbin/iptables -w -A INPUT -p udp -m multiport --dports 69,161 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p udp -m multiport --dports 69,161 -j ACCEPT
ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
@ -54,7 +54,7 @@ ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303
ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT
ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
ExecStartPre=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 102,502,2404,10001 -j ACCEPT ExecStartPre=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 102,502,2404,10001,47808 -j ACCEPT
ExecStartPre=/sbin/iptables -w -D INPUT -p udp -m multiport --dports 69,161 -j ACCEPT ExecStartPre=/sbin/iptables -w -D INPUT -p udp -m multiport --dports 69,161 -j ACCEPT
ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE